archive/unibutton
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

sanitize packets

Browse source
This commit is contained in:
biglyderv 2024-10-06 09:47:52 -04:00
parent ba1b2455ce
commit 151187d40e
No known key found for this signature in database
GPG key ID: 33AC87E9ACE66954
2 changed files with 12 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

1
game.js
View file

@ -19,6 +19,7 @@ class Game extends GameBasic {
for (let entity of entities) { for (let entity of entities) {
entity.pos = { x: Math.round(entity.pos.x), y: Math.round(entity.pos.y) }; entity.pos = { x: Math.round(entity.pos.x), y: Math.round(entity.pos.y) };
entity.vel = { x: Math.round(entity.vel.x), y: Math.round(entity.vel.y) }; entity.vel = { x: Math.round(entity.vel.x), y: Math.round(entity.vel.y) };
entity.camera = entity.camera ? { x: Math.round(entity.camera.x), y: Math.round(entity.camera.y) } : false;
let props = entity.serverProps; let props = entity.serverProps;
let basic = props.map(prop => entity[prop]); let basic = props.map(prop => entity[prop]);

11
index.js
View file

@ -38,11 +38,20 @@ app.ws('/', function (ws, req) {
let newEnt = game.entities[playerI]; let newEnt = game.entities[playerI];
let {you} = newEnt; let { you } = newEnt;
let props = player.legalProps; let props = player.legalProps;
for (let i in props) { for (let i in props) {
let prop = data[i];
let typed = (typeof prop);
let keys = Object.keys(prop);
let isC = (typed === 'object' && keys[0] == 'x' && keys[1] == 'y' && keys.length == 2 && typeof prop.x == 'number' && typeof prop.y == 'number');
if (typed !== 'string' && typed !== 'number' && typed !== 'boolean' && typed !== 'undefined' && !isC) {
console.warn(`Player ${you} attempted to send an invalid packet ${props[i]}`)
continue;
}
newEnt[props[i]] = data[i]; newEnt[props[i]] = data[i];
} }